How to create a user account for basic authentication?

Question

How to create a user account for basic authentication?

I want to add basic authentication to my site. I followed the instructions in the MSDN article on Configure Basic Authentication (IIS 7)

To use the user interface
Open IIS Manager and go to the level you want to manage. For information about opening IIS Manager, see Open IIS Manager (IIS 7) . For information on navigating locations in the user interface, see Navigation in IIS 7).
In Feature View, double-click Authentication .
On the Authentication page, select Basic authentication .
In the Actions pane, click Enable to use basic authentication with the default settings.
Optionally, in the Actions panel, click Change to enter the default domain and domain.
In the Edit Basic Validation Settings dialog box, in the Default text box, enter a default domain or leave it blank. Users who do not provide a domain when logging into your site are authenticated against that domain.
In the Kingdom text box, enter a region or leave it blank. In general, you can use the same value for the realm name as for the default domain.
Attention!
If you enter the default domain name in the Kingdom text box, your internal Microsoft Windows domain name may be exposed to external users when you call the username and password.
Click OK to close the Edit Basic Scan Settings dialog box.

Here is what I have done so far:

Now I need to create a user account for basic authentication.

Does anyone know how to create users in IIS Manager?

+66

iis iis-7 basic-authentication

Joseph Bi Mar 21 '11 at 3:20

source share

9 answers

Josh M. · Answer 1 · 2011-03-21 03:27

Right-click on the computer and select "Management" (or go to "Control Panel"> "Administrative Tools"> "Computer Management"), and in the "Local Users and Groups" section you can add a new user. Then give this user permission to read the directory in which the site is hosted.

Note. . After creating a user, be sure to edit the user and delete all roles.

drew_w · Answer 2 · 2014-03-19 17:16

I know this is a really old question, but I wanted to add some explanations that I found with difficulty (this is information n00b).

Basic Authentication uses the same accounts that you have on your local computer or network. If you leave the domain and domain empty, local accounts are what are actually used. Thus, to add a new account, you follow the exact process that you would like to add to your local computer a regular new account (as indicated by JoshM or as shown here ). If you enter a domain and realm, you can create network accounts in your local active directory, and this is what will be used for user login and logout.

Since it has existed for so long, basic authentication is generally compatible with any browser / system, but it has serious drawbacks:

user and password are sent to the clear field (except for SSL)
you need to have a user account for each user or client

For more information on basic authentication or user accounts, see the following MSDN page .

kristi_io · Answer 3 · 2014-06-14 11:59

Unfortunately, for IIS installed on Windows 7/8 machines, there is no way to create users only for IIS authentication. For Windows Server, there is such an option in which you can add users from the IIS Manager interface. These users have roles only in IIS, but not for the rest of the system. This article shows how you add users, but it is incorrectly stated that it also applies to the standard OS, it applies only to server versions.

Uwe Donaldson · Answer 4 · 2014-08-08 19:16

If you are creating a user with advanced user management (from the command line: netplwiz ), change the group, delete the users, and add iis_users. They will be able to authenticate on your web page, but not on the computer.

Warren P · Answer 5 · 2014-05-29 14:16

It seems to me that Windows 8 and IIS 7 no longer provide any user interface for creating a username and password for basic authentication, which is NOT a local Windows user account. Obviously, the excellent approach to creating a user / password authentication pair is for IIS only, but it’s not clear and simple how to do this.

There are command line tools for this purpose. Some people create a Windows account and then delete the Local User Privilege Logarithm.

Alsan Ali · Answer 6 · 2015-11-23 14:55

Configure basic authentication using microsoft instructions. But for the default domain name, enter the name of your computer. To find the name of your computer, click "Start", right-click on the computer, select properties and find the name of your computer :)

Then create users, as usual, on Windows 7. If you do not know how to do this, go to the control panel, users, add an account ..... blah blah blah .... Get This?

Next, go to iis and set permissions for the newly created user. Be careful to set permissions to do this exactly the way you want it.

It's all! For login, username and password!

NOTE. The username should be in simple letters, not capital. I'm not sure about this, so I told you that.

Barry · Answer 7 · 2016-04-15 21:03

Just add a note as I cannot comment without 50+ rep ...

If FIPS is installed on the server, it does not allow creating users. Since IIS v8 (and, it seems to me, below) does not use FIPS encryption algorithms. It would be great if it supported it, because obviously the user account in Windows is not secure compared to the virtual user mapped to an isolated folder. Too bad.

P GS · Answer 8 · 2018-01-28 20:10

in iis manager, click the directory for protection.

select authorization rules.

add ban anonymous users rule.

add allow all users rules.

Go back to: "in iis manager, click the directory to protect" click "Disable authentication", except for basic authentication.

The directory is now protected. only people with user accounts can access the folder over the Internet.

Versatile · Answer 9 · 2019-07-18 16:41

I was able to achieve basic authentication on Windows Server 2012 by doing the following:

Select your site in IIS and select Authentication

Verify that basic authentication is the only option enabled.

THEN! Add username and password through Server Manager . Choose Tools → Computer Management .

In System Tools → Local Users and Groups → Users, right-click anywhere in the middle pane, select " New User" and enter the credentials that you want to use.

Now, when you go to the site in a browser, you should get an authentication dialog:

How to create a user account for basic authentication?

To use the user interface

More articles: